RSA Security Designs RFID Blocker

Aug 27, 2003—Aug. 28, 2003 - RSA Security, one of the leading providers of digital security products, has come up with a scheme for protecting privacy while enabling consumers and businesses to get the benefits of RFID tags. It is proposing "blocker tags" that will prevent RFID tags in the same reader field from being read.

RSA's Juels

The concept is incredibly simple, and its application should be inexpensive and effective. RFID readers can't read more than one tag at a time, because the reader is unable to decipher radio waves reflected back by two tags simultaneously. So vendors have developed anti-collision protocols to enable the reader to communicate with one tag at a time in rapid sequence. The blocker tag essentially confuses the reader by always responding, thereby preventing any tags from being read.

The most common anti-collision schemes are called "aloha" and "tree walking." Aloha assigns each tag a time slot to talk to the reader. With tree walking, the reader asks the tags to speak in sequence: first all of the tags with serial numbers that start with 0, then 1, then 00 and 01, then 10 and 11 and so on. The tree-walking scheme is similar to a teacher asking only the students whose names begin with A to answer, instead of having all the students shout out their names at once. The blocker tag is essentially a student that shouts out its name every time the teacher says a letter.

"The blocker creates a collision every time the reader tries to do singulation," says Ari Juels, principal research scientist for RSA Laboratories, the research arm of RSA Security. "So from the reader's perception, every single identifier in the world is present."

There are other ways to block readers from reading tags. For instance, the reader’s signal could be jammed, the way fighter aircraft jam enemy radar on the ground. But that's an expensive option. The blocker tags, which work much like regular passive RFID tags, would cost only a little more to create since the tags would need two antennas to reflect back two bits simultaneously.

RSA is planning to license the blocker tag protocol to RFID tag makers. It is also talking to the Auto-ID Center, which has been receptive to the blocker tag concept, according to Juels.

Aside from being low-cost, the blocker tag has another benefit: It offers more control and flexibility. The Auto-ID Center's specification includes a kill command. But once the tag is killed, it cannot be reactivated, which means consumers would not be able to benefit from the tag after they purchase the item.

Retailers could offer customers blocker tags, perhaps embedded in shopping bags. Instead of killing the tag on a purchased item at checkout, the retailer could flip a single bit on the item, so all check out tags would have a serial number that stars with, says, a one. Then, when items are placed in the bag, the blocker tag would prevent readers from reading any tags that start with a one. That way, no one could surreptitiously discover the contents of the bag. When consumers get home, they could still use the tag in the item, perhaps to keep track of the contents of their cupboard.

The blocker tag could be used to block all tags with a certain prefix. For instance, consumers might want to keep tags active in their clothes, but prevent anyone from reading the tags in their clothes. They might change the prefix on all tags in their clothes and pin a blocker tag on their lapel.

Companies, no doubt, would like to prevent competitors from reading tags on goods being shipped to a key client. But the blocker wouldn't necessarily protect goods from being read in the supply chain. That's because once the first bit on an item has been flipped, the only way to flip it back is to isolate the tag and change the bit with a handheld reader. That would be too labor-intensive to be cost effective for protecting goods being shipped, for instance, from a manufacturing plant to a retail distribution center. Juels says RSA is working on other ways to protect corporate RFID data.